SAMBA issue after upgrading to 3.6.13-1

DarkElf · 2013-03-23 13:41:18

I will try to explain my problem:

the smb.conf file that I use and it has always worked for years is as follows:

[global]
workgroup = CASA
server string = etcetc
security = share
hosts allow = 192.168.1. 127.
load printers = no
printcap name = /dev/null
printing = bsd
log file = /var/log/samba/%m.log
max log size = 50
dns proxy = no 

[home]
comment = home
path = /home/francesco
force user = francesco
force group = users
read only = No
guest ok = Yes

after upgrading to version 3.6.13 I can no longer access the home folder from windows 7 (insufficient permissions etc). Of course I've also double check by downgrading to the previous version of the package 3.6.12 and everything is back to work properly as before.
I've searched over internet but the only similar issue I found is this https://bbs.archlinux.org/viewtopic.php?id=160119 but the solution seems more a workaround that I don't like so much. I tried to apply it but doing several tests I saw that using the guest account key, the force user and the force group keys are completely ignored and so I think there is something wrong.
At this point I was wondering if it was a bug in this new version, or if it has been resolved some security flaw and I always used a wrong / inconsistent smb.conf file.

Basically what I need is to have a set of shared folders (on the model of the attached file above) accessible to everyone without asking for username and password (security = share ???) And each folder has to be associated with a specific user (force user and force group) so that files creation, reading and writing are done as a particular user (based on the shared folder).
I hope the situation is clear and I hope some "wizard of samba" can give me explanations about this issue...
Thank you all.

Last edited by DarkElf (2013-03-23 13:45:18)

Anonymous20210119 · 2013-03-24 13:45:30

I have the same problem while using a similar smb.conf with version 3.6.13-1.

After going back to version 3.6.12-2 everything works again.

Anyone familiar with this kind of problem?

Thank you all
Felix

choubi · 2013-03-25 07:44:53

I can't provide any help - I have the exact same problem - and "solved" it by downgrading to 3.6.12-2

KingX · 2013-03-26 18:45:22

security = share option has been deprecated.

https://bbs.archlinux.org/viewtopic.php?id=160273

DarkElf · 2013-03-27 07:16:47

KingX wrote:

security = share option has been deprecated.
https://bbs.archlinux.org/viewtopic.php?id=160273

why it was not reported here http://www.samba.org/samba/history/samba-3.6.13.html ?? I think it's a very big changing.
So if it is true, the "bug" is in the samba documentation because:

it is not written here http://www.samba.org/samba/docs/man/man … l#SECURITY
and
it is not written in the smb.conf.default file
and
samba does not give you any syslog/journal warning message about it

...so there is still something missing...

Update:
I try to switch to security = user following this http://vicidi.wordpress.com/2012/01/23/ … y-setting/
and...same story..it works with 3.6.12 but NOT with 3.6.13 and...again...it completely ignores the
force user and force group directives
so I don't think it is a problem related to the share mode...it smells like a bug.

Last edited by DarkElf (2013-03-27 18:29:28)

FernandoBasso · 2013-03-29 13:26:33

I can't even start samba:

bash-4.2, ArchLinux - vaio@fernando, Fri Mar 29 10:12:23 
$PWD="~/"     
$ sudo systemctl start samba
Failed to issue method call: Unit samba.service failed to load: No such file or directory. See system logs and 'systemctl status samba.service' for details.
=============================================================================================
bash-4.2, ArchLinux - vaio@fernando, Fri Mar 29 10:12:36 
$PWD="~/"     
$ systemctl status samba.service 
samba.service
	  Loaded: error (Reason: No such file or directory)
	  Active: inactive (dead)

Downgrading to 3.6.12 I'm able to start samba with no problems at all.

SantaSCSI · 2013-03-30 11:24:39

I have no issues reaching my home shares with 3.6.13-1

[wouter@DKNAS2 ~]$ cat /etc/samba/smb.conf
[global]
# SAMBA TUNING
   socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=65536 SO_SNDBUF=65536
   interfaces = 192.168.1.2   
   workgroup = DEKIMPE
   server string = DKNAS2
   security = user
   hosts allow = 192.168.1.0/255.255.255.0
   log file = /var/log/samba/%m.log
   max log size = 5000
   printing = bsd
   printcap name = /dev/null

[homes]
   comment = Home Directories
   browseable = no
   writable = yes

[data]
   comment = data share on mdadm Raid 5
   path = /media/data
   writeable = yes
   create mask = 0770
   directory mask = 0770
[wouter@DKNAS2 ~]$ pacman -Q samba
samba 3.6.13-1

NoSavvy · 2013-03-30 14:23:51

@ FernandoBasso

I'm not with 'arch' at the moment but I'm sure the command is:- "systemctl status smbd.service"
sudo systemctl enable smbd.service, sudo systemctl start smbd.service

NoSavvy · 2013-03-30 15:23:07

This works for me across mixed linux systems. I had a it of fiddling to do. There maybe some redundant lines in there but 'it works'.

[global]
printer = HP_psc_1300_series
ldap ssl = no
socket options = TCP_NODELAY IPTOS_LOWDELAY
hide unreadable = Yes
host msdfs = No
deadtime = 15
guest account = johnny
map to guest = Bad user
domain master = No
hosts allow = 192.168.1., 192.168.79., 127., 10.0.0., 10.1.1., 192.168.2.
level2 oplocks = No
wins support = Yes
dns proxy = yes
oplocks = No
server string = %h server (Samba %v)
path = /var/spool
idmap config * : backend = tdb
workgroup = MYGROUP
acl compatibility = winnt
server signing = auto
panic action = /usr/share/samba/panic-action %d
max log size = 1000
[Arch_Files]
path = /home/johnny
force user = johnny
force group = users
read only = No
guest ok = Yes
case sensitive = No
msdfs proxy = no
allow hosts = 192.168.1., 192.168.79., 127., 10.0.0., 10.1.1., 192.168.2.,
case sensitive = No
writeable = yes

Last edited by NoSavvy (2013-03-30 15:23:56)

DarkElf · 2013-03-30 16:11:39

That works also for me (is one of the tests I made some days ago) but I'm speaking about something different.
The problem is about the force user and force group directives which don't work in fact the only one rule which samba seems to "read" is the guest account

Try yourself

Simply create a share which point to /tmp/ and try to force different user from "johnny" and you will see that every file you create from windows are created as "johnny" and not as the forced user.
Previously (3.6.12), it was possible to leave the default nobody to guest account, open a share as a guest (guest ok=yes) and then force a specific user for file operations.

DarkElf · 2013-04-08 15:08:14

Just for the record:

https://bugzilla.samba.org/show_bug.cgi?id=9746

Arch Linux

#1 2013-03-23 13:41:18

SAMBA issue after upgrading to 3.6.13-1

#2 2013-03-24 13:45:30

Re: SAMBA issue after upgrading to 3.6.13-1

#3 2013-03-25 07:44:53

Re: SAMBA issue after upgrading to 3.6.13-1

#4 2013-03-26 18:45:22

Re: SAMBA issue after upgrading to 3.6.13-1

#5 2013-03-27 07:16:47

Re: SAMBA issue after upgrading to 3.6.13-1

#6 2013-03-29 13:26:33

Re: SAMBA issue after upgrading to 3.6.13-1

#7 2013-03-30 11:24:39

Re: SAMBA issue after upgrading to 3.6.13-1

#8 2013-03-30 14:23:51

Re: SAMBA issue after upgrading to 3.6.13-1

#9 2013-03-30 15:23:07

Re: SAMBA issue after upgrading to 3.6.13-1

#10 2013-03-30 16:11:39

Re: SAMBA issue after upgrading to 3.6.13-1

#11 2013-04-08 15:08:14

Re: SAMBA issue after upgrading to 3.6.13-1

Board footer